The Importance of Layer 3 Redundancy: Understanding HSRP – Pt. 1

Providing Layer 3 redundancy is crucial for uninterrupted network services and communications in enterprise networks. This approach provides hardware redundancy in the event of a device failure. It offers various alternative routing paths throughout the network.

When routers have several routes to a specific destination, they always choose the best one according to the routing protocol's criteria. However, most computers, servers, or printers do not support dynamic routing protocols.

They must use a default gateway whenever they need to communicate to external networks. Therefore, providing a non-stop default gateway redundancy is essential for users to communicate outside their local networks. A special feature can be implemented to achieve this goal.

This Part 1 article provides an overview of the First Hop Redundancy Protocols (FHRPs), why we need to use them, their benefits, and basic information on the Hot Standby Router Protocol (HSRP). View Part 2 to find out how to implement HSRP and details on some of the additional features it supports.

View some of our other popular articles:

• Learn the Packet Delivery Process (Default Gateway and ARP) - Pt. 1
• Learn the Packet Delivery Process (Host-to-Host Communication) - Pt. 2
• Exploring Routing Functions and the Purpose of the Routing Table
• Why Is BGP the King of Routing Protocols?

The Need for Default Gateway Redundancy

End devices always send packets to the default gateway when the destination IP is not in the local network where they belong. However, the communications break if the default gateway fails, and the end devices become limited only to local network communications.

For that reason, dual redundant routers or Layer 3 switches can be implemented, so when the primary fails, the secondary can take over the role of the default gateway.

But redundant equipment alone does not guarantee failover. Let's look at the image above. The topology consists of two routers, R1 and R2, and both know how to reach the network's core and go to the internet.

At the same time, R1 operates as the primary default gateway for the end devices, so when PC1 needs to send data outside its local network, it sends it to R1.

However, like any other network device, R1 can fail, which is when the problems start for the end devices. Even though there is a redundant link through R2, the end devices are not capable of using that redundant option.

The reason is that each end device is configured with a single default gateway, and this information does not dynamically update when the network topology changes. Because there is no dynamic method that can help the end devices to update the default gateway IP, they stay isolated from the rest of the network, even though a redundant device (R2) is available and can operate as a default gateway.

Explore your options here at PivIT. Click below to learn more about the router solutions we can bring to your network, whether it be the hardware itself, maintenance, or the field services you need to get online.

Understanding FHRP

Because end devices depend on using a default gateway, and no mechanism exists to update it dynamically when a topology change occurs, an additional feature must be implemented. The solution comes in the form of a concept called the First Hop Redundancy Protocol.

The image below shows a set of Layer 3 devices, which can be two or more routers or Layer 3 switches working together in a group as a single unit to present the illusion of a single "virtual" device (default gateway) to the end devices in the local network.

One of the devices is always active and responsible for processing the data it receives from the end devices, while another device functions as a backup and takes over the primary role when the active device fails.

For this concept to work, the "virtual device" is assigned a virtual IP address and a virtual MAC address. The end devices use the virtual IP address as a default gateway.

In reality, no such virtual device exists. Still, both physical devices (either routers or L3 switches) are aware of these two virtual parameters and use them when they have the active role.

As a result, when end devices send data to the default gateway (the virtual IP address), the device operating as an active unit oversees the virtual IP and MAC addresses and processes the traffic data.

On the other hand, when the active device fails, the backup device learns about that failure and takes over the active role transparently. Hence, endpoints see no disruption in service, even though a different device continues to operate as a default gateway for them. This is illustrated in the image above, which shows R2 assuming the role of the active (forwarding) router when R1 fails.

Also, the active device in the group is not just responsible for processing the data from the end devices that it receives but also for replying to the Address Resolution Protocol (ARP) request messages that it receives from the endpoints asking for the MAC address of the default gateway. The virtual MAC address is included in the ARP reply messages in such a case.

As part of PivIT's EXTEND, we offer a secure, isolated, and remote environment to pre-configure your network, compute, and storage hardware prior to deployment to your locations around the world using our out-of-band (OOB) management platform. Find out more about how our Remote Staging Environment works.

FHRP Variants

Besides providing transparent default gateway failover to the endpoints, the FHRP also offers device redundancy, load balancing, and Service Level Agreement (SLA) services, among many other features. You can choose the best FHRP for your network depending on different factors and criteria. On Cisco routers and switches, you can use the following protocols:

• Hot Standby Router Protocol (HSRP): First FHRP protocol that Cisco developed to provide Layer 3 redundancy on routers and Layer 3 switches. This protocol allows only one active device to process the traffic data, regardless of the number of devices included in the HSRP group.
• Virtual Router Redundancy Protocol (VRRP): Standard FHRP protocol that works like the HSRP protocol but slightly differs. Again, only one active device is responsible for processing the data traffic.
• Gateway Load Balancing Protocol (GLBP): New FHRP protocol from Cisco offers multiple active devices to operate simultaneously instead of just one. It provides better optimization and more beneficial load balancing.

Understanding the requirements for a Layer 3 redundancy and the advantages of using the FHRPs is crucial for providing a stable enterprise network without uninterrupted network communications. This not only optimizes the network behavior but also offers higher employee productivity at the same time.

To learn more about the FHRP concept and get familiar with the configuration of HSRP and the additional features it supports, check out the second part of this article.

If you are currently stuck with 90-120+ day lead times? Click below to cut your lead times down to a fraction of what they are, and get pricing in as little as 24 hours!